What Is AppMon?

AppMon is a suite of Python scripts that make gathering information on and penetration testing Android and iOS apps easier. AppMon integrates with the popular Frida dynamic instrumentation toolkit that provides access to information and capabilities similar to debugging an app.

With the Frida toolkit running as a service on an Android device, it can easily be accessed and intruded upon over ADB with AppMon. Frida opens the door. AppMon brings the tools to make the most of the opportunity.

For Android testing, AppMon can be run on any operating system equipped with ADB and Python, though the experience tends to be smoothest from Linux. This guide is based on a Debian-based Linux install, so adjust accordingly in your own testing.

AppMon has three primary tools for Android; Sniffer, Intruder, and Tracer. Each tool serves its own unique purpose and broadens the range of capabilities that you have when testing Android apps.

The Android Sniffer reads and logs API calls from a selected app. Those calls are logged to a database and displayed through a convenient web interface that AppMon spins up automatically.

AppMon also provides a utility to trace function calls within Android apps. The Android Tracer allows you to trace method calls by class within an Android app. The script displays those calls in the terminal in real time.

Once you’ve collected the data you need about your apps, you can use the Android Intruder to carry out an actual test. The Intruder executes custom scripts on the app of your choosing. You can use your scripts to execute actual Java within a running app to change its behavior or gather information.

There are two basic components that you’ll need to test with AppMon. First, you’ll need a computer to act as the host. AppMon is mostly written (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Nick Congleton. Read the original post at: